Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,176 advisories

Loading
Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014... Moderate Unreviewed
CVE-2015-3940 was published May 17, 2022
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and... Moderate Unreviewed
CVE-2010-2850 was published May 17, 2022
In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal... High Unreviewed
CVE-2021-44519 was published Apr 20, 2022
A vulnerability in the web-based management interface of Cisco Unified Communications Manager ... Moderate Unreviewed
CVE-2022-20790 was published Apr 22, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed
CVE-2022-20727 was published Apr 16, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... Moderate Unreviewed
CVE-2022-20721 was published Apr 16, 2022
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. High Unreviewed
CVE-2022-28444 was published Apr 22, 2022
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal... Moderate Unreviewed
CVE-2021-41551 was published Jan 19, 2022
The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using... High Unreviewed
CVE-2022-1392 was published Apr 26, 2022
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in... High Unreviewed
CVE-2009-3721 was published Apr 21, 2022
There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255,... High Unreviewed
CVE-2021-40680 was published Apr 26, 2022
Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync... High Unreviewed
CVE-2022-24424 was published Apr 22, 2022
Path Traversal in Jenkins High
CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Arbitrary file read in ginadmin High
CVE-2022-30428 was published for github.com/gphper/ginadmin (Go) May 26, 2022
Path traversal in ginadmin High
CVE-2022-30427 was published for github.com/gphper/ginadmin (Go) May 26, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip Moderate
CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) May 13, 2022
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access... High Unreviewed
CVE-2021-35250 was published Apr 26, 2022
The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter... Critical Unreviewed
CVE-2022-1390 was published Apr 26, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch Moderate
CVE-2016-5725 was published for com.jcraft:jsch (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch Moderate
CVE-2015-5531 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow High
CVE-2018-1048 was published for org.jboss.eap:wildfly-undertow (Maven) May 13, 2022
An exploitable directory traversal vulnerability exists in the web management interface used by... Moderate Unreviewed
CVE-2017-2829 was published May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver Moderate
CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) May 13, 2022
The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to,... Moderate Unreviewed
CVE-2022-3361 was published Nov 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database